1 © 2015 IBM Corporation © 2015 IBM Corporation
with Ovum Research and IBM
2015 Mobile Security Wrap-up and 2016 Look Ahead
Richard Absalom, Principal Analyst, Enterprise Mobility
Jonathan Dale, IBM Security
December 9, 2015
2 © 2015 IBM Corporation
Housekeeping items
✓Duration – 60 minutes
✓Submit your questions to all
panelists in the Q&A box located
in the bottom right corner of your
screen
✓Recording and slides will be
emailed to you
3 © 2015 IBM Corporation
Agenda
2015 Year in Review
2016 Trends to Watch
IBM Security Overview
Q&A
4 © Copyright Ovum 2014. All rights reserved.
About Ovum
• Leading independent global IT & Telecoms Research & Analysis firm
• 180 analysts covering a broad set of technologies and markets
• Provides strategic advice to telecoms operators, IT vendors, service providers,
and enterprise IT leaders
• Headquartered in London (UK)
• 4 year history of investment in understanding consumerization behaviors,
enterprise mobility and productivity
5 © Copyright Ovum 2014. All rights reserved.
2015: Year in Review
6 © Copyright Ovum 2014. All rights reserved.
What we said this time last year: There is a clear
mismatch between employer knowledge and
employee behavior around mobility
65.6%
40.3%
54.7%
26.0%
16.8% 17.4%
0%
10%
20%
30%
40%
50%
60%
70%
Smartphone Tablet Laptop
% o
f re
sp
on
de
nts
Do you use your personal devices for work? (employees) vs. What percentage of your employees use their own devices for work?
(enterprise IT)
Employee responses Enterprise IT responses
Source: Ovum Employee Mobility Survey 2014 (N=5,187), Ovum ICT Enterprise Insights Survey 2014 (N=2,708)
7 © Copyright Ovum 2014. All rights reserved.
End of 2015: the mismatch is still there
Source: Ovum Employee Mobility Survey 2015
27.5% 28.3% 24.4%
41.1%
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
People who BYOsmartphone
People who BYO tablet People who BYOlaptop
People who BYOwearable
% o
f re
sp
on
de
nts
wh
o u
se
th
eir
ow
n d
evic
es
Have you signed a policy governing the use of your personal device(s) for work?
Yes
No
Don't know
8 © Copyright Ovum 2014. All rights reserved.
28.7% of employees who use their own smartphone
for work are still doing so directly against stated
corporate policy
Source: Ovum Employee Mobility Survey 2015, N=2,123
Not allowed to use device 3.5%
COBO 13.1%
CYOD / COPE 12.1%
Unlimited, unsupported BYOD 22.6%
Limited, supported
BYOD 10.5%
Unlimited, supported BYOD 38.2%
Among those who BYOS, how does their employer provide smartphones?
9 © Copyright Ovum 2014. All rights reserved.
Enterprise views on mobility are becoming more app
and task-focused – we’ve been talking about the need
for both “Hero” and “Soldier” apps
10 © Copyright Ovum 2014. All rights reserved.
The virtuous circle of mobile enterprise app
development and deployment
11 © Copyright Ovum 2014. All rights reserved.
Businesses are gradually moving along the mobility
maturity model, towards viewing mobility as potentially
transformational
React
Identify internal demand
for mobility – often driven
by BYOD
Adopt
Trial a solution / service
to manage the influx of
devices – often MDM
Build
Build on the original
solution to provide a
wider range of capabilities
to end users, including
“Hero” apps
Transform
Transform business
processes by providing
process-specific
“Soldier” apps
12 © Copyright Ovum 2014. All rights reserved.
There is some evidence that enterprise app stores are
taking off – but there is still a way to go
Source: Ovum Employee Mobility Survey 2015, N=4,267
Yes 25.8%
No 65.9%
Don’t know 8.2%
Does your employer provide access to mobile apps that you can use for work through a corporate app store or portal?
13 © Copyright Ovum 2014. All rights reserved.
The march towards the digital workspace continues
apace
Businesses and employees are embracing the idea that work is something we
do, not somewhere we go
We are getting increasing numbers of enquiries about the need for cross
platform IT management and security
The digital workspace is about providing any time access to any application,
on any device: the natural evolution of enterprise mobility management
14 © Copyright Ovum 2014. All rights reserved.
The march towards the digital workspace continues
apace
Mobility management is now about much more than MDM:
Cross platform application development, provision and management – across
PC and mobile
Identity and access management to underpin security across devices
Content management and file-level security
15 © Copyright Ovum 2014. All rights reserved.
Competitive Enterprise Mobility Management review:
2015 was a year of shakeout and consolidation in the
market
Smaller vendors have dropped out, changed focus or been acquired
The major players are now nearly all IT Megavendors, including new joiners in
2015
These larger vendors can do more than just mobility management and are
playing more and more on the idea of the digital workspace
16 © Copyright Ovum 2014. All rights reserved.
2016: New Trends to Watch
17 © Copyright Ovum 2014. All rights reserved.
The beginning of the rise of wearables: smart watches
and BYOD
But that’s actually around 47% of employees
who actually own a wearable
So, as with smartphones and tablets
previously, BYOD is likely to be the primary
initial route for smart watches into the
enterprise – but they need a killer app!
7.7% of employees are using their own
wearable device such as a smart watch for
work – much lower than smartphones or
tablets…
Source: Ovum Employee Mobility Survey 2015, N=4,502
18 © Copyright Ovum 2014. All rights reserved.
The beginning of the rise of wearables: HUDs to find
their workplace niche
HUDs such as Google Glass haven’t really
taken off in the consumer space…
But they are pretty cool for certain functions at work
19 © Copyright Ovum 2014. All rights reserved.
Mobile carriers and software vendors aim to fulfil
demand for split billing
The need for split billing is being driven both by user behavior and legal
rulings
Businesses want to find ways to efficiently reimburse BYOD costs (monthly
stipends aren’t always the best way of doing this), or separate work and
personal activity on corporate-owned devices
Legal ruling in California expected to be replicated elsewhere – watch this
space
20 © Copyright Ovum 2014. All rights reserved.
Security is a key issue for enterprise IT decision
makers, and intrinsically linked to all other trends
Ovum’s large scale Decision Maker survey identifies security, identity as #2 of
8 IT priorities: 55.8% list it as one of top priorities
Because mobile devices do so much more than email now, mobile security is
impossible to ignore
Security is being built into strategic thinking around mobility – perhaps the
time taken to wrestle with finding the right solution is behind the finding that so
much mobile activity still goes unmanaged?
21 © 2015 IBM Corporation
IBM Security Overview
© 2015 IBM Corporation
IBM Security
22
The IBM mobile security framework
CA, Oracle, RSA
Configure devices &
manage security policies
Automate enforcement
Mitigate risks of lost or
compromised devices
Distribute & manage
enterprise apps
Separate work &
personal data
Protect apps & data
from vulnerabilities
Enable work content
availability & sharing
Create & edit content
Contain sensitive
corporate information
Provide secure web &
mobile access control
Deliver ease-of-use with
SSO & unified identity
management
Extend Security Intelligence
Extend security information & event management (SIEM) to mobile environment
Incorporate log management, anomaly detection, configuration & vulnerability management
Manage Access and Fraud
Secure Content and Collaboration
Safeguard Applications and Data
Protect Devices
© 2015 IBM Corporation
IBM Security
23
Complete mobility management and security
Advanced Management Visibility & Control
Secure Productivity Suite Trusted Workplace
Secure Document Sharing Content Collaboration
Mobile Threat Management Malware Protection
Mobile Enterprise Gateway Enterprise Access
© 2015 IBM Corporation
IBM Security
24
Why IBM MobileFirst Protect?
Integrated
solutions that connect
seamlessly to your
existing and external
environments
Scalable
data security with
intelligence for the
volume, speed, and
variability of mobile
Complete
management of
devices, apps, content
and users from a
single platform
© 2015 IBM Corporation
IBM Security
25
www.ibm.com/security
© Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes
only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use
of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any
warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement
governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in
all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole
discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any
way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United
States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and
response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed,
misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product
should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use
or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily
involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT
THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE
MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.